/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package com.testapp.timemanagment.controllers;

import com.testapp.timemanagment.dao.AccountDao;
import com.testapp.timemanagment.models.Account;
import com.testapp.timemanagment.services.AccountService;
import com.testapp.timemanagment.services.CryptService;
import java.io.IOException;
import java.util.ArrayList;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.ParameterNameDiscoverer;
import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
/**
 *
 * @author abondar
 */
@Controller
public class defaultController {

	
	@Autowired
	protected HttpServletRequest httpServletRequest;
	@Autowired
	private ParameterNameDiscoverer parameterNameDiscoverer;
        
        @Resource(name = "accountService")
	private AccountService accountService;
        
        @Resource(name = "cryptService")
	private CryptService cryptService;
        
        protected final Log logger = LogFactory.getLog(getClass());

		
	@RequestMapping("active.htm")
	public ModelAndView activeHandler(
		HttpServletResponse httpServletResponse,
		HttpServletRequest httpServletRequest,
		@RequestParam(value = "name", required = false, defaultValue = "World") String name) {
		ModelAndView mav = new ModelAndView("audit");
		return mav;
	}
	
	@RequestMapping("index.htm")
	public ModelAndView indexHandler(
		HttpServletResponse httpServletResponse,
		HttpServletRequest httpServletRequest,
		@RequestParam(value = "name", required = false, defaultValue = "World") String name) {
		ModelAndView mav = new ModelAndView("index");
                logger.info("some test log");
		return mav;
	}
	
	@Secured({"ROLE_USER", "ROLE_ADMIN"})
	@RequestMapping("api.htm")
	public ModelAndView apiHandler() {
		ModelAndView mav = new ModelAndView("api");
		mav.addObject("methods", ApiController.class.getDeclaredMethods());
		mav.addObject("parameterNameDiscoverer", parameterNameDiscoverer);
		mav.addObject("domainName", httpServletRequest.getServerName());
		return mav;
	}
        
        @RequestMapping("login.htm")
	public ModelAndView loginHandler(
		HttpServletResponse httpServletResponse,
		@RequestParam(value = "email", required = false) String email,
		@RequestParam(value = "password", required = false) String password) throws IOException {
		Account account = new Account();
		ModelAndView mav = new ModelAndView("login");

		if ("POST".equals(httpServletRequest.getMethod())
			&& null != email
			&& null != password) {
			account = accountService.getAccountByLogin(email);
			if (null != account) {
				String salt = cryptService.getSalt(account.getPassword());
				String encryptedPassword = cryptService.cryptPassword(password, salt);
				String accountPassword = account.getPassword();
				if (accountPassword.equals(encryptedPassword)) {
					accountService.setAuthentication(
						account.getEmail(),
						account.getPassword(),
						account.getAuthorities());
				}

				ArrayList<String> roles = new ArrayList<String>();
				roles.add("ROLE_USER");
				if (accountService.hasRole(roles)) {
					httpServletResponse.sendRedirect(httpServletRequest.getContextPath());
				}

			} else {
				mav.addObject("status", "Username or password is incorrect");
			}
		}

		mav.addObject("loggedInAccount", accountService.getLoggedInAccount());
                
		mav.addObject("role", accountService.getRole());
		mav.addObject("viewName", mav.getViewName());
		mav.addObject("domainName", httpServletRequest.getServerName());
		return mav;

	}

//	@RequestMapping("goldenkey")
//	public ModelAndView loginHandler() throws IOException {
//		ModelAndView mav = new ModelAndView("welcomeGK");
//		return mav;
//	}
	
	@RequestMapping("logout.htm")
	public ModelAndView logoutHandler(
		HttpServletResponse httpServletResponse,
		@RequestParam(value = "logout", required = false) String logout) throws IOException {
		ModelAndView mav = new ModelAndView("logout");


		Account user = new Account();

		if ("POST".equals(httpServletRequest.getMethod())) {
			accountService.logout();
		}

		mav.addObject("role", accountService.getRole());
		mav.addObject("loggedInAccount", accountService.getLoggedInAccount());
		mav.addObject("domainName", httpServletRequest.getServerName());
		return mav;
	}
}
